SHA256: 04cf54c95b58f15a2d06ad805a49b20233408737eb417190a817fd189bcf2329
File name: 2186.pcap
Detection ratio: 1 / 46
Analysis date: 2013-04-09 10:14:24 UTC ( 5 years, 2 months ago )
Intrusion Detection System Result
Snort 13 alerts
Suricata 14 alerts
Antivirus Result Update
Avast Win32:Winwebsec-Z [Trj] 20130409
Yandex 20130408
AhnLab-V3 20130409
AntiVir 20130409
Antiy-AVL 20130409
AVG 20130409
BitDefender 20130409
ByteHero 20130405
CAT-QuickHeal 20130409
ClamAV 20130409
Commtouch 20130409
Comodo 20130408
DrWeb 20130409
Emsisoft 20130409
eSafe 20130407
ESET-NOD32 20130409
F-Prot 20130409
F-Secure 20130409
Fortinet 20130409
GData 20130409
Ikarus 20130409
Jiangmin 20130409
K7AntiVirus 20130408
Kaspersky 20130409
Kingsoft 20130408
Malwarebytes 20130409
McAfee 20130409
McAfee-GW-Edition 20130409
Microsoft 20130409
eScan 20130409
NANO-Antivirus 20130409
Norman 20130408
nProtect 20130409
Panda 20130408
PCTools 20130409
Rising 20130409
Sophos AV 20130409
SUPERAntiSpyware 20130409
Symantec 20130409
TheHacker 20130409
TotalDefense 20130408
TrendMicro 20130409
TrendMicro-HouseCall 20130409
VBA32 20130408
VIPRE 20130409
ViRobot 20130409
PCAP file! The file being studied is a network traffic capture. When it was analyzed with intrusion detection systems, Snort triggered 13 alerts and Suricata triggered 14 alerts.
Wireshark file metadata
File encapsulation Ethernet
Number of packets 966
Data size 580631 bytes
Start time 2012-07-30 10:44:48
File type libpcap
End time 2012-07-30 10:46:49
Capture duration 121 seconds
HTTP requests
DNS requests
Snort alerts Sourcefire VRT ruleset
Suricata alerts Emerging Threats ETPro ruleset
File identification
MD5 05bc36c6f9f30ee80245ddc546fbc9d5
SHA1 377c7eee5fc375c929658645100eff2080f09fdb
SHA256 04cf54c95b58f15a2d06ad805a49b20233408737eb417190a817fd189bcf2329
ssdeep 12288:fobg2phNlb49vaP28Y/51MKkUugghmSCD5YqNIJ:R2dlc96h21Mdxhm3D5YF

File size 582.1 KB ( 596111 bytes )
File type Network capture
Magic literal tcpdump capture file (little-endian) - version 2.4 (Ethernet, capture length 65536)

TrID TCPDUMP's style capture (100.0%)
Tags cap

VirusTotal metadata
First submission 2013-04-09 10:14:24 UTC ( 5 years, 2 months ago )
Last submission 2013-04-09 10:14:24 UTC ( 5 years, 2 months ago )
File names 2186.pcap